Cross-Site Request Forgery (CSRF) are a type of security attacks that may cause user accounts to be abused, so attackers can make users perform actions inadvertently in a vulnerable site and cause serious problems to the users and the sites.

There is a new proposal for PHP 7.1 to provide built-in semi-automatic protection against CSRF attacks, so it will be easier for PHP developers to protect the sites they develop against this type of exploit.

That was one of the main topics discussed by Manuel Lemos and Arturs Sosins in the episode 72 of the Lately in PHP podcast hangout.

They also talked about other proposals for PHP 7.1, as well the election of two release managers that will take care of the steps necessary to release PHP 7.1 later this year on the planned schedule.

This article includes a transcript of the podcast summary.

Listen to the podcast, or watch the hangout video, or read the summary transcript to learn more about these interesting PHP topics.

One of the greatest performance killers of applications that use large frameworks or libraries the overhead of bootstrap processes that is necessary to initialize the objects of their classes.

The good news is that a new feature called startup snapshot inspired on V8 engine (used by Chrome and Node.js) is being discussed to implement on PHP 7.1, so applications based on those frameworks take less time to startup and run.

The startup snapshot optimiziation was one of the main topics discussed by Manuel Lemos and Arturs Sosins in the episode 71 of the Lately in PHP podcast hangout.

They also talked about many proposals to make PHP 7 type hinting more complete, better text character set detection, PHP attributes similar to annotations, among many other new proposals.

The article also covers the latest enhancements to make PHP Classes package submission much smoother and more rewarding like the new monthly elePHPant prize and printed certificates that Innovation Award winners may get.

This article includes a transcript of the podcast summary.

Listen to the podcast, or watch the hangout video, or read the summary transcript to learn more about these interesting PHP topics.

PHP 7.0 brought us type hinting for class functions and return values, but there was still a missing piece in this giant leap for PHP which is type hinting for class properties.

The latest improvements to the proposal for class property type hinting in PHP 7.1 were one of the main topics discussed by Manuel Lemos and Arturs Sosins in the episode 70 of the Lately in PHP podcast hangout.

They also talked about several other proposals like Null Coealesce Equal Operator, the glitch of not evaluating arguments of new operator for classes without constructors, the latest proposal on catching multiple exception types, allowing empty property names to support json_decode, the spaceship assignment operator, the result of the var deprecation proposal vote.

Special attention to a call for donations to the family of Nate Abele, the core developer of CakePHP and Lithium PHP frameworks.

This article includes a transcript of podcast summary.

Listen to the podcast, or watch the hangout video, or read the summary transcript to learn more about these interesting PHP topics.

Since PHP 5 was introduced the class var keyword became an alias of public, so there is a discussion now about a proposal to remove the support for the var keyword in PHP 8 and deprecated in PHP 7.1.

That was one of the main topics discussed by Manuel Lemos and Arturs Sosins in the episode 69 of the Lately in PHP podcast hangout.

They also talked about several other proposals like the types of deprecated features in PHP 7.1, as well other feature additions to PHP 7.1 such as using interfaces in traits, pluggable transports for the mail function, being able to determine if an array has only numeric keys, etc..

Listen to the podcast, or watch the hangout video to learn more about these interesting PHP topics.

Operator overloading is a feature being proposed for PHP 7.1 that will allow using regular operators, like +, -, *, /, to perform operations with class objects using new magic methods. That was one of the main topics discussed by Manuel Lemos and Arturs Sosins in the episode 68 of the Lately in PHP podcast hangout.

They also talked about better handling of bugs caused by using invalid string values in arithmetic operations, supporting negative string offsets in all string operations, and better handling of issues caused by the regeneration of session IDs.

They also talked about the recent victory of Dave Smith and the United States team in the PHP Innovation Award, as well the improvements to the PHP Classes site features for promoting contributing authors work suggested by these winning authors.

Listen to the podcast, or watch the hangout video to learn more about these interesting PHP topics.

Now that PHP 7 was released, core developers have been discussing extending the support of PHP 5 releases until the end of 2016 and one or two years more for security fixes. That was one of the main topics discussed by Manuel Lemos and Arturs Sosins in the episode 67 of the Lately in PHP podcast hangout.

The transcripts have returned in the form of summaries for those that want a quick overview of the whole podcast topics.

The hosts also commented about the proposal of code of conduct for PHP contributors, the proposal to allow NULL or multiple types for type hinting of function parameters and return values, having LibSodium cryptorgraphy library in the core of PHP 7.1, having exceptions with multiple catch statements, as well an alternative syntax for list value assignments.

Listen to the podcast, or watch the hangout video, or read the podcast summary transcript to learn more about these interesting PHP topics.

So it is settled, after a lot of discussion, the voting process to choose the name for the next major PHP version just ended. The winning proposal is to call PHP 7 the next major version after PHP 5.x.

Read this article to understand the proposals and what to expect for the future of PHP 7 in terms of features and possible release date.

Not a very long after Facebook announced the Hack language, Dmitry Stogov of Zend announced a somewhat secret development branch of PHP called PHPNG that brings a JIT engine, significant speed and memory management improvements eventually to PHP 6.

Read this article to learn more details about what happened and what this means for the future of PHP.